2 matches found
CVE-2025-14038
EDB Hybrid Manager contains a flaw that allows an unauthenticated attacker to directly access certain gRPC endpoints. This could allow an attacker to read potentially sensitive data or possibly cause a denial-of-service by writing malformed data to certain gRPC endpoints. This flaw has been...
PT-2023-27170 · Nextcloud · Nextcloud +1
Name of the Vulnerable Software and Affected Versions: user oidc versions 1.0.0 through 1.3.2 Description: The issue is related to the missing verification of the issuer in the user oidc module for Nextcloud, allowing an attacker to perform a man-in-the-middle attack by returning corrupted or kno...